package myoa

import myoa.domain.UserStatus

class UserController {

    def index() {
        redirect(action: 'list')
    }

//----------level 1 by first access control: auth----------
    def create() {

    }

    def save() {
        User u = new User(params)
        u.encryptPassword()
        u.lastLogin = new Date()
        u.status = UserStatus.PasswordExpired
        u.save()
        if (u.id) {
            redirect(action: 'list')
        } else {
            flash.message = message(code: 'default.save.failed')
            redirect(action: 'create')
        }
    }

    def resetPassword(Long id) {
        [user: User.read(id)]
    }

    def resetPasswordDo(Long id) {
        User u = User.get(id)
        u.encryptPassword(params.passwordNew1)
        if (u.save()) {
            flash.message = "${u.name} password reset success"
            redirect(action: 'list')
        } else {
            flash.message = 'save failed, try again...'
            redirect(action: 'resetPassword', id: id)
        }
    }

    def showPart(Long id) {
        [user: User.read(id)]
    }

//----------level 2 by following access control----------
    def show(Long id) {
        [user: User.read(id)]
    }

    def edit(Long id) {
        [user: User.read(id)]
    }

    def update(Long id) {
        User u = User.get(id)
        u.properties = params

        if (u.save()) {
            flash.message = message(code: 'default.save.success')
            redirect(action: 'show', id: id)
        } else {
            flash.message = message(code: 'default.save.failed')
            render(view: "edit", model: [user: u])
        }
    }

    def delete(Long id) {
        User u = User.get(id)
        u.delete()
        flash.message = message(code: 'default.delete.success', args: [u.name])
        redirect(action: 'list')
    }

    def changePassword(Long id) {
        [user: User.read(id)]
    }

    def changePasswordDo(Long id, Long version) {
        User u = User.get(id)
        if (u.version != version) {
            flash.message = 'another user has updated the information while you were editing'
            redirect(action: 'changePassword', id: id)
        } else if (!u.passwordEq(params.passwordOld)) {
            flash.message = 'old password is wrong, try again...'
            redirect(action: 'changePassword', id: id)
        } else if (params.passwordNew1 != params.passwordNew2) {
            flash.message = 'twice input for new password are not same, try again...'
            redirect(action: 'changePassword', id: id)
        } else {
            u.encryptPassword(params.passwordNew1)
            if (u.status == UserStatus.PasswordExpired) u.status = UserStatus.Enabled
            if (u.save()) {
                flash.message = "${u.name} password change success"
                redirect(action: 'show', id: u.id)
            } else {
                flash.message = message(code: 'default.save.failed')
                redirect(action: 'changePassword', id: id)
            }
        }
    }

    //----------level 3 by action inner----------
    def list() {
        [users: User.findAll()]
    }
}
